Nom du paquet
poppler
Date
2013-04-15
Advisory ID
MDVSA-2013:143
Affected versions
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problem description

Multiple vulnerabilities has been found and corrected in poppler:

poppler before 0.22.1 allows context-dependent attackers to cause
a denial of service (crash) and possibly execute arbitrary code via
vectors that trigger an invalid memory access in (1) splash/Splash.cc,
(2) poppler/Function.cc, and (3) poppler/Stream.cc (CVE-2013-1788).

poppler/Stream.cc in poppler before 0.22.1 allows context-dependent
attackers to have an unspecified impact via vectors that trigger a
read of uninitialized memory by the CCITTFaxStream::lookChar function
(CVE-2013-1790).

The updated packages have been patched to correct these issues.

Updated packages

MES5 i586

 e13e7d84fb7b70dfccdfb27378402361  mes5/i586/libpoppler3-0.8.7-2.6mdvmes5.2.i586.rpm
 da5189a8d65f54a22c59f020def82282  mes5/i586/libpoppler-devel-0.8.7-2.6mdvmes5.2.i586.rpm
 55904ea937d3a3c11fd3d4c6bcf6b855  mes5/i586/libpoppler-glib3-0.8.7-2.6mdvmes5.2.i586.rpm
 ffa8266cc4a8ac50ec1118f28bf225f7  mes5/i586/libpoppler-glib-devel-0.8.7-2.6mdvmes5.2.i586.rpm
 a68d106e788196d37c95d949ed7dcf4b  mes5/i586/libpoppler-qt2-0.8.7-2.6mdvmes5.2.i586.rpm
 27a630a2edcbfac25dd2f1df401b41df  mes5/i586/libpoppler-qt4-3-0.8.7-2.6mdvmes5.2.i586.rpm
 56765c2693f2a4388a06e24e67f031ef  mes5/i586/libpoppler-qt4-devel-0.8.7-2.6mdvmes5.2.i586.rpm
 5a112c8ab808eef1ecef523b6d45ca48  mes5/i586/libpoppler-qt-devel-0.8.7-2.6mdvmes5.2.i586.rpm
 dc0c25e172442d4c44c311cf1ed9b3a1  mes5/i586/poppler-0.8.7-2.6mdvmes5.2.i586.rpm 
 28bbe7bade35e37cc0e880d0f508af69  mes5/SRPMS/poppler-0.8.7-2.6mdvmes5.2.src.rpm

MBS1 x86_64

 edb6011f71f0c648e22e534c1404d1d7  mbs1/x86_64/lib64poppler19-0.18.4-3.1.mbs1.x86_64.rpm
 28372765a8f012a844fad72bde53a073  mbs1/x86_64/lib64poppler-cpp0-0.18.4-3.1.mbs1.x86_64.rpm
 ebe7dc4ae06f6f528f5800b03c37ee1b  mbs1/x86_64/lib64poppler-cpp-devel-0.18.4-3.1.mbs1.x86_64.rpm
 522fd11d40f4e38ba3906d776090844f  mbs1/x86_64/lib64poppler-devel-0.18.4-3.1.mbs1.x86_64.rpm
 644d8abcee07f8e4bad8f15a328bc6fb  mbs1/x86_64/lib64poppler-gir0.18-0.18.4-3.1.mbs1.x86_64.rpm
 62046dc5484897a29181514231b0552a  mbs1/x86_64/lib64poppler-glib8-0.18.4-3.1.mbs1.x86_64.rpm
 613993e0404d28ac78b65113e61e2a9c  mbs1/x86_64/lib64poppler-glib-devel-0.18.4-3.1.mbs1.x86_64.rpm
 786fb2041cb2ad9132379c647c42ffd1  mbs1/x86_64/poppler-0.18.4-3.1.mbs1.x86_64.rpm 
 ae93c00e6b93f4ebb0701274ccd55526  mbs1/SRPMS/poppler-0.18.4-3.1.mbs1.src.rpm

MES5 x86_64

 9f696c754f26af5b1094a7a74472de2d  mes5/x86_64/lib64poppler3-0.8.7-2.6mdvmes5.2.x86_64.rpm
 a08478b1c084c889b8446509085d3d71  mes5/x86_64/lib64poppler-devel-0.8.7-2.6mdvmes5.2.x86_64.rpm
 7cbf2ed46590a3bdcc935e7ef12507da  mes5/x86_64/lib64poppler-glib3-0.8.7-2.6mdvmes5.2.x86_64.rpm
 58c9f6b4d94621cbf7389e596ca840b1  mes5/x86_64/lib64poppler-glib-devel-0.8.7-2.6mdvmes5.2.x86_64.rpm
 1ac442e54148f2abba0ea1546d7d7ab6  mes5/x86_64/lib64poppler-qt2-0.8.7-2.6mdvmes5.2.x86_64.rpm
 ee706d1f45a5970d8579f8d7b20b8184  mes5/x86_64/lib64poppler-qt4-3-0.8.7-2.6mdvmes5.2.x86_64.rpm
 8cd5a09280738fcdf0871a812e923c87  mes5/x86_64/lib64poppler-qt4-devel-0.8.7-2.6mdvmes5.2.x86_64.rpm
 7033023530daa6af0518c4f22b956fca  mes5/x86_64/lib64poppler-qt-devel-0.8.7-2.6mdvmes5.2.x86_64.rpm
 5482ec3f9cb359681eeb9b3106fe2fe3  mes5/x86_64/poppler-0.8.7-2.6mdvmes5.2.x86_64.rpm 
 28bbe7bade35e37cc0e880d0f508af69  mes5/SRPMS/poppler-0.8.7-2.6mdvmes5.2.src.rpm

References